Cybersecurity

Cybersecurity is the practice of protecting computers, networks, data, and online accounts from attacks, theft, and damage. In today’s digital world, every student, teacher, and staff member uses technology — which makes cybersecurity essential for everyone.

Why Cybersecurity Matters

• We store personal information online.
  
  

• Cybercriminals target students and institutions.
  
  

• One weak password or unsafe click can allow attackers into the system.
  
  

• Cybersecurity keeps your data safe and ensures classes and systems run smoothly.
  
  

Common Cyber Threats You Should Know

1. Phishing

Fake emails, messages, or websites that trick you into sharing passwords or clicking harmful links.

2. Malware

Software designed to harm your device — viruses, ransomware, spyware, etc.

3. Social Engineering

Manipulation tricks where attackers pretend to be someone trustworthy to steal information.

4. Password Attacks

Criminals try to guess or crack weak passwords to get into accounts.

5. Data Breaches

When sensitive information (emails, marksheets, ID numbers) is leaked, stolen, or exposed.

1.      Policy on Personal CCTV Cameras and IoT Devices on the Institute Network

CCTV

●        CC will not support personal cameras on the institute network, either via the Internet or via the intranet.

IoT Devices

●        The end user, In-charge or faculty member, Staff member, or other responsible party will be solely responsible for ensuring that the software in the IoT devices or camera should be regularly updated and free from known vulnerabilities.

●        In the event of any disruption to the Institute’s network caused by an IoT device, the person responsible for that device will be held solely responsible for the disruption and network access for that device will be suspended.

●        Use of any IoT device or the use/installation of any rogue devices is not permitted in hostel, academic, and administrative buildings.CC personnel will confiscate these devices if they are found on the institute’s network.

2.      Cyber Security Policy for the Data Centre

To ensure secure and compliant operation of systems hosted in the Institute's utility Data Centre, the following policies shall apply:

●                     Access Control

o    Physical access to the Data Centre and user rack server(s) is restricted to approved users only and designated staff members.

o    Faculty members who have their machine(s) hosted in the Data Centre may authorise access for their designated PhD scholar or PDF, subject to prior approval.

●                     Compliance and Licensing

o    Users must comply with copyright laws and adhere to the license agreements of all software and materials used.

●                     External Network Exposure

o Internet Access via bypassing firewall authentication (LDAP) will be granted only to the specific IP address/machine after the approval of Department Head and Head, CC.

o To enable external Internet access for servers or machines, users must submit a complete list of the required services and ports that need to be opened on the institute’s firewall.

o    The request of server/machine in-charge related to the above point will only be allowed after the approval of Department Head and Head, CC respectively.

●                     System Security Maintenance

o    All hosted systems must be maintained with the latest operating system, software libraries, and application security updates/patches.

The following baseline practices are mandatory:

▪          Regularly update operating systems and software libraries.

▪          Disable or remove unused services and applications.

▪          Keep all unnecessary network ports closed.

▪          Maintain secure configurations at all times.

o    Server’s/Machines’ Local Firewall Configuration

▪          All the machines must have their local firewall enabled and properly configured, allowing only the required ports and services to remain open.

●                     Secure Remote Access via intranet and internet

o    Remote connections must use secure protocols such as SSH or VPN.

●                     Password Policy

o    All systems must use strong, complex passwords that are changed periodically.

o    Passwords must be at multiple characters in length and include a combination of uppercase letters, lowercase letters, numbers, and special characters.

o    Default passwords must be changed immediately upon initial setup.

o    Passwords should not be written down or stored in unencrypted files or documents.

o    Wherever available, users should enable Multi-Factor Authentication or 2 Factor Authentication (MFA/2FA). The machines may/also use FIDO (Fast IDentity Online) authentication method for login via the internal or external network.

3.      CC Lab policies

•                     Users are responsible for saving their work data from the Lab computers. CC Lab systems may be wiped regularly. Personal data should not be stored on lab computers.

•                     CC can delete the data in the lab system without any prior notice.

•                     Users must not install or modify software in the lab computers.

•                     SSH/remote login access should be disabled on the lab computers.

•                     Internet usage should be limited to strictly academic and research purposes only.

•                     Users should not attempt to access, modify, or delete system files or configuration settings.

•                     Any hardware or software issues should be immediately reported to CC personnel.

•                     The systems may be periodically monitored for security and compliance purposes.

•                     Users should avoid any actions that could disrupt or compromise network operations. Network usage must always comply with the Institute Internet/Network Usage Policy.

•                     Users are expected to use Lab resources responsibly and in accordance with acceptable use practices.

•                     Laptop devices are not permitted to use inside the CC Labs. Users must use the deployed desktop systems available in the labs. Disconnecting or removing existing network cables, power cables, or other peripheral devices is strictly prohibited.

4. Guidelines for IT System Usage and Maintenance

All Institute Offices and Labs must strictly adhere to the IT System Usage and Maintenance Guidelines, as mentioned in the Institute Internet/Network Usage Policy.

Key Points to be Followed:

a. Licensed Software Only

●        It is the responsibility of the system owner to ensure that systems (desktops/laptops/workstations) run with genuine and licensed copies of operating systems and application software.

b. Enable Auto Updates

●        Operating System (OS) auto-updates must not be disabled.

●        Official systems should be regularly updated with all relevant updates and security patches.

●        All installed software must be kept up to date.

c. Restrict Unnecessary Software

●        Only essential software should be installed on office systems.

d. Antivirus and Firewall Protection

●        All office systems must be regularly scanned using built-in antivirus software (e.g., Windows Defender).

●        All office systems must have their local firewall enabled and properly configured, allowing only the required ports and services to remain open.

e. Procurement Guidelines/Advisory.

·           All new procurements of desktops/laptops/workstations must include a genuine OS and Application license (if any).

5. Email directory search

●          To protect the privacy of personal contact numbers, the committee has recommended disabling the email directory search feature for all IISERB email accounts.

How to Register Device MAC Address or Physical Address?

Visit the link https://web.iiserb.ac.in/mac/. Log in with your LDAP ID/Password and register your device(s). The users are allowed to register only 3 devices.
The auto script will register your device's MAC address or Physical Address.

Click on PDF to download the file and follow the instructions.

• Click on the link changepass.iiserb.ac.in and follow the instructions.

Configuration Settings for Windows Platform
For Windows XP

• Go to Start >> Settings >> Control Panel >> Network Connections >> Local Area Connection >> Properties

• Select Internet Protocol Version 4 (TCP/IP)

• Click Properties

• For DHCP, select Obtain IP address automatically and Obtain DNS address automatically

• For static IP, Specify IP, Gateway, Subnet Mask, and DNS

For Windows 7, 8 OR 10

• Go to Start >> Settings >> Control Panel >> Network and Sharing Center >> Change Adapter Settings >> Local Area Connection >> Properties

• For Windows 10 Go to Search >> Settings >> Network & Internet >> Change Adapter Settings >> Local Area Connection >> Properties

• Select Internet Protocol Version 4 (TCP/IPv4)Click Properties

• For DHCP, select Obtain IP address automatically and Obtain DNS address automatically

• For Static IP, Specify IP, Gateway, Subnet Mask, and DNS

Configuration Settings for Linux Platform

• Go to Network Settings GUI

• Select and configure the Interface

• For DHCP, select automatically obtain IP address and automatically obtain DNS address

• For Static IP, Specify IP, Gateway, Subnet Mask, and DNS

• Click to download the PDF and follow the instructions.

• Follow the "Connect IISERB" tab at IISERB Network under CC website.

Academic Area

Use DHCP.

Hostel Area

Go to CC website >> Click on Network

• Use SSL-VPN to access Library Online Journals and IISERB Network from outside the IISER Bhopal campus. For details and setup to use SSL-VPN, please follow the link SSL-VPN.

• IISERB net is an "open" computing environment that reflects the traditional openness of the academic environment. However, we restrict access from your machine to Internet and vice-versa by using Firewalls and also block access to porn sites.

REQUISITE

You must have your LDAP login account

Any FTP Client Software (Eg. FileZilla,WinSCP, FireFTP etc.)

Web pages related to your Personal Home or Group page.

Assumed that you have FileZilla FTP client

Open FileZilla

Now write

Host:home.iiserb.ac.in

Username:abc(YOUR LDAP ACCOUNT NAME)

Password:***(YOUR LDAP ACCOUNT PASS )

Port:22

Click On Quick Connect

The output will be like this

Now you can see a folder with the name www, Just open(double click)it.

After this, put your web pages in it by drag and drop or upload your files.

To access your page on a web browser

Open your web browser

Type the URL:home.iiserb.ac.in/~abc(home.iiserb.ac.in/~YOUR-LDAP-LOGIN)

1. Login to your IISERB Email Account

2. Click on Google Apps (Top Right of Screen)

3. Click on Contacts

4. Click on Create Contacts or Imports contacts

5. After clicking on Create Contact create your contact (input name and Email ID)

6. Your Contacts will show on screen

7. Click on Create Label (left toolbar)

8. give the Label a Name and Save it

9. Then select your Contact.

10. Goto manage the Label and select the label to add contact to it.

11. Now you can Email the Group you have created (Mail will be sent to everyone in the group).

Step 1 : NOTE: Go to the bottom of the security setting of Google and Allow less secure apps: ON or Go to the Less Secure Apps section of my Account

Step 2 :(To be done in your @iiserb.ac.in account)

First, set up POP in email

• On your computer, you can open Gmail.

• In the top right, click Setting.

• Click Settings.

• Click the Forwarding and POP/IMAP tab.

• In the "POP Download" section, select Enable POP for all mail or Enable POP for mail that arrives from now on.

• At the bottom of the page, click Save Changes.

• 
  

• Step 3 : (In the mail account you want your @iiserb.ac.in mail to be migrated in)

• Import old emails from IISER Bhopal account

• Open Gmail.

• In the top right, click Setting

• Click Settings.

• Click the Accounts and Import or Accounts tab.

• Click Import mail and contacts.

• Follow the steps on the screen to import your old emails.

• Click Start Import.

• Other details

• pop server:- pop.gmail.com

• Requires SSL:- Yes

• Port:- 995

• username:- type your iiser mail id

Source

• https://support.google.com/mail/answer/56283?hl=en

• https://support.google.com/mail/answer/7104828?hl=en

For questions or comments regarding this document, please mail network@iiserb.ac.in

Name Email

• Mr. Vinay Bajpai vinayb@iiserb.ac.in

• Mr. Ritesh Singh Thakur rsthakur@iiserb.ac.in

• Mr. Surykant Raghuwanshi suryakant@iiserb.ac.in

• Mr. Ankit Jain ankitj@iiserb.ac.in